Anti Virus Comparative Performance Test (AV Products) November 2011



Similar documents
Anti Virus Comparative Performance Test (AV Products) October 2012

How to Determine the Performance of a Computer System

Anti Virus Comparative Performance Test (Suite Products) May 2012

Anti-Virus Comparative - Performance Test (AV Products) May 2014

Anti-Virus Comparative

How To Test For Performance On A 64 Bit Computer (64 Bit)

Anti-Virus Comparative

Anti-Virus Comparative

Anti-Virus Comparative

Anti-Virus Comparative

Anti-Virus Comparative

Anti-Virus Comparative

Anti-Virus Comparative

Anti-Virus Comparative - Proactive/retrospective test May 2009

Anti-Virus Comparative

Whole Product Real World Dynamic Protection Test (August November) 2011

Anti-Virus Protection and Performance

Anti Phishing Test July 2013

Performance test November 2014 / 1 INTRODUCTION... 1 TESTED PROGRAM VERSIONS..2 WHAT AND HOW WE TESTED. 3 OTHER PRINCIPLES...

Anti-Virus Comparative

Security Industry Market Share Analysis

Fully supported Antivirus software (Managed Antivirus)

Anti-Virus Comparative

Anti-Virus Comparative

IT Security Survey 2015

AV-Comparatives. Support-Test (UK) Test of English-Language Telephone Support Services for Windows Consumer Security Software 2016

Firewall Test. Firewall protection in public networks. Commissioned by CHIP. Language: English. Last Revision: 11 th April 2014

Supported Anti Virus from ESAP 2-6-1

Document: 2015 Consumer Security Products Performance Benchmarks (Edition 3) Authors: M. Baquiran, D. Wren Company: PassMark Software Date: 30 March

Real World and Vulnerability Protection, Performance and Remediation Report

Proactive Rootkit Protection Comparison Test

Document: 2015 Consumer Security Products Performance Benchmarks (Edition 2) Authors: M. Baquiran, D. Wren Company: PassMark Software Date: 28

KASPERSKY LAB PROVIDES BEST IN THE INDUSTRY PROTECTION*

FAQ. Safe Anywhere PC. Disclaimer:

Security Industry Market Share Analysis

Consumer Internet Security Products Performance Benchmarks (Sept 2011)

Symantec Endpoint Protection Integration Component 7.5 Release Notes

PCSL. PCSL IT Consulting Institute 机 安 全 软 件 病 毒 检 测 率 测 试

26 Protection Programs Undergo Our First Test Using Windows 8

MRG Effitas 360 Assessment & Certification Programme Q4 2014

Virtual Desktops Security Test Report

Symantec Endpoint Protection Small Business Edition vs. Five Competitors July 2014

CORPORATE AV / EPP COMPARATIVE ANALYSIS

Single Product Review - Bitdefender Security for Virtualized Environments - November 2012

Windows Updates vs. Web Threats

Anti-Virus Comparative No.22

Banker Malware Protection Test Report

KASPERSKY LAB PROVIDES BEST IN THE INDUSTRY PROTECTION*

Home Anti-Virus Protection

Home Anti-Virus Protection

What is PC Matic?...4. System Requirements...4. Launching PC Matic.5. How to Purchase a PC Matic Subscription..6. Additional Installations.

Can Consumer AV Products Protect Against Critical Microsoft Vulnerabilities?

IT Security Survey 2014

Global Antivirus Software Package Market

IT Security Survey 2012

Endurance Test: Does antivirus software slow

Anti-Virus Comparative

Whole Product Dynamic Real-World Protection Test (August-November 2013)

Detection of Linux malware

Internet Explorer Exploit Protection ENTERPRISE BRIEFING REPORT

Bitdefender Internet Security 2015 User's Guide

Whole Product Dynamic Real-World Protection Test (March-June 2014)

Home Anti-Virus Protection

AV-Comparatives. Mobile Security Test. Language: English. February 2015 Last revision: 30 th March

Windows 8 Malware Protection Test Report

SAFEGUARDING YOUR WINDOWS COMPUTER

DSD avast! Pro Antivirus 1-PC 1 jaar 33,99 41,13 DSD avast! Pro Antivirus 3-PC 1 jaar 42,99 52,02

Sophos Computer Security Scan startup guide

Core Protection Module 1.6 for Mac powered by. User s Guide

2. Installation and System requirements

Secondly, if your device is running a Microsoft Windows or Macintosh OS X operating system you will also need to:

Contact details For contacting ENISA or for general enquiries on information security awareness matters, please use the following details:

Small Business Endpoint Protection Performance Benchmarks

Tracking Anti-Malware Protection 2015

Home Anti-Virus Protection

IT Maintenance Checklist. Infrastructure

Whole Product Dynamic Real-World Protection Test (February-June 2016)

The Antivirus Industry: Quo Vadis? VirusBulletin

Norton Internet Security vs Windows Defender on Windows 8 (Edition 1)

Whole Product Dynamic Real-World Protection Test (March-June 2015)

Full Drive Encryption with Samsung Solid State Drives

Small Business Anti-Virus Protection

Whole Product Dynamic Real World Protection Test (March June 2013)

SOS Suite Installation Guide

Symantec Endpoint Protection Small Business Edition Getting Started Guide

BitDefender Security for Exchange

MRG Effitas Online Banking / Browser Security Assessment Project Q Results

VMWare Workstation 11 Installation MICROSOFT WINDOWS SERVER 2008 R2 STANDARD ENTERPRISE ED.

avast! Business products 2014 Introducing the new features and technologies in the latest lineup of avast! security solutions for business.

Document: Faronics Anti-Virus vs. Seven Competitors (August 2014) Authors: M. Baquiran, D. Wren Company: PassMark Software Date: 12 August 2014 File:

Small Business Anti-Virus Protection

WHY AVG IS BETTER FOR

Small Business Endpoint Protection Performance Benchmarks

RELEASE NOTES. F-Secure Client Security Version build 309 (RTM) F-Secure Client Security Premium Version build 118 (RTM) 1.

Endpoint Buyers Guide

AV-TEST Examines 22 Antivirus Apps for Android Smartphones and Tablets

Small Business Endpoint Protection Performance Benchmarks

BITDEFENDER ENDPOINT SECURITY TOOLS

Core Protection for Virtual Machines 1

SSD Old System vs HDD New

Transcription:

Anti-Virus Comparative Performance test (AV Products) Impact of Anti-Virus Software on System Performance Language: English November 2011 Last Revision: 8 th December 2011 www.av-comparatives.org

Table of Contents 1. Introduction 3 2. Tested products 3 3. Test methods 4 4. Side notes and comments 5 5. Test cases 7 6. Test results 8 7. Award levels reached in this test 12 8. Copyright and Disclaimer 13 2

Introduction We want to make clear that the results in this report are intended to give only an indication of the impact on system performance (mainly by the real-time/on-access components) of the various Anti- Virus products in these specific tests. Users are encouraged to try out the software on their own PC s and form an opinion based on their own observations. Tested products The following products were evaluated (with default settings) in this test (November 2011) 1 : avast! Free Antivirus 6.0 McAfee AntiVirus Plus 2012 AVG Anti-Virus 2012 Microsoft Security Essentials 2.1 AVIRA Free Antivirus 2012 Panda Cloud Antivirus Free 1.5.1 Bitdefender Antivirus Plus 2012 PC Tools Spyware Doctor with Antivirus 2012 escan Anti-Virus 11 Qihoo 360 Antivirus 2.0 ESET NOD32 Antivirus 5 Sophos Endpoint Security 9.7 F-Secure Anti-Virus 2012 Symantec Norton AntiVirus 2012 G DATA AntiVirus 2012 Trend Micro Titanium Antivirus Plus 2012 K7 Antivirus Plus 11.1 TrustPort Antivirus 2012 Kaspersky Anti-Virus 2012 Webroot SecureAnywhere Antivirus 2012 Please note that the results in this report apply only to the products/versions listed above (e.g. 64- Bit versions, product version, etc.). Also, keep in mind that different vendors offer different (and differing quantities of) features in their products. The following activities/tests were performed under Windows 7 Professional SP1 64-Bit: File copying Archiving / Unarchiving Encoding / Transcoding Installing / Uninstalling applications Launching applications Downloading files PC Mark 7 Professional Testing Suite 1 We used the latest available product versions available at time of testing. 3

Test methods The tests were performed on an Intel Core i5 2.67 GHz machine with 4GB of RAM and SATAII hard disks. The performance tests were done on a clean Windows 7 Professional SP1 64 Bit system (English) and then with the installed Anti-Virus software (with default settings). The tests have been done with an active internet connection to simulate real world impact of cloud services/features. The hard disks were defragmented before starting the various tests, and care was taken to minimize other factors that could influence the measurements and/or comparability of the systems. Optimizing processes/fingerprinting used by the products were also considered this means that the results represent the impact on a system which has already been used by the user for a while. The tests were repeated several times (with and without fingerprinting) in order to get mean values and filter out measurement errors. After each run the workstation was defragmented and rebooted. We simulated various file operations that a computer user would execute: copying 2 different types of clean files from one place to another, archiving and unarchiving files, encoding and transcoding 3 audio and video files, converting DVD-Files to ipod format, downloading files from Internet, launching applications, etc. We also used a third-party industry recognized performance testing suite (PC Mark 7 Professional) to measure the system impact during real-world product usage. Readers are invited to evaluate the various products themselves, to see how they impact on their systems (such as software conflicts and/or user preferences, as well as different system configurations that may lead to varying results). Security products need to load on systems at an early stage to provide security from the very beginning this load has some impact on the time needed for a system to start up. Measuring boot times accurately is challenging. The most significant issue is to define exactly when the system is fully started, as many operating environments may continue to perform start-up activities for some time after the system appears responsive to the user. It is also important to consider when the protection provided by the security solution being tested is fully active, as this could be a useful measure of boot completion as far as the security solution is concerned. Some Anti-Virus products are loading their services very late (even minutes later) at boot (users may notice that after some time that the system loaded, the system gets very slow for some moments), so the system looks like loading very fast, but it just loads its services later and makes the system also insecure/vulnerable. As we do not want to support such activities, we still do not measure boot times. 2 We used 4GB data of various file categories (pictures, movies, audio files, various MS Office documents, PDF files, applications/executables, Microsoft Windows 7 system files, archives, etc.). 3 Converting MP3 files to WAV, MP3 to WMA, AVI to MPG and MPG to AVI, as well as ipod format 4

Side notes and comments The on-access/real-time scanner component of Anti-Virus software runs as a background process to check all files that are accessed, in order to protect the system continuously against malware threats. For example, on-access scanners scan files as soon as they are accessed, while (e.g.) behaviourblockers add a different layer of protection and monitor what the file does when it is already executed/running. The services and processes that run in the background to do these tasks also require and use system resources. Suite products have usually a higher impact on system performance than Anti- Virus-only products, as more services/features are included and running in the background. Security products need to be active deep in the system in order to protect it and e.g. to scan processes and so on that are already active during the system start-up, to identify rootkits and other malware. Those procedures add some extra time and thus a delay in system boot/start up. If a product takes up too many system resources, users get annoyed and may either disable or uninstall some essential protective features (and considerably compromise the security of their system) or may switch to security software that is less resource-hungry. Therefore, it is important not only that Anti-Virus software provides high detection rates and good protection against malware, but also that it does not degrade system performance or trouble users. While this report looks at how much impact various Internet Security products have on system performance, it is not always just the security software which is the main factor responsible for a slow system. Other factors also play a role, and if users follow some simple rules, system performance can be improved noticeably. The next sections address some of the other factors that may play a part. A few common problems observed on some user PCs: - Old hardware: If a PC already runs at a snail s pace because it has ten-year-old hardware, using modern (security) software may make it unusable. o If possible, buy a new PC that at least meets the minimum recommended requirements of the software you want to use. Multi-Core processors are preferable. o Adding more RAM does not hurt. If you use Windows XP or Windows 7, you should use a minimum of 2GB of RAM. If you use Vista switch to Windows 7. 64-Bit systems are preferable, as especially software which is optimized for such systems will run faster. o Make sure you have only ONE Anti-Virus program with real-time protection. If your new PC came with a trial Anti-Virus program, remove this before installing a different AV program. - Keep all your software up-to-date: Using an Anti-Virus version from e.g. 2009 does not protect you as well as the newer version would, even though you may still be able to update the signatures. Please visit http://update.microsoft.com regularly and keep your operating system up-to-date by installing the recommended patches. Any software can have vulnerabilities and bugs, so keep all the software installed on your PC up-to-date: this will not only protect you against many exploits and vulnerabilities, but also give you any other application improvements that have been introduced. 5

- Clean up the content of your hard disk: o If your hard disk is almost full, your system performance will suffer accordingly. Leave at least 20% of your disk space free and move your movies and other infrequently accessed files to another (external) disk. If money is not an issue, consider buying solid state drives (SSDs). o Uninstall unneeded software. Often, the slowdown that users notice after installing an Anti-Virus product is due to other software on the PC running in the background (that is, due to software conflicts or heavy file access by other programs, each access requiring anti-virus scanning). o Remove unneeded entries/shortcuts from the Autostart/start-up folder in the program menu o if your PC is already messed up by residual files and registry entries left over by hundreds of applications you installed and uninstalled after trying them out over the past years, reinstall a clean operating system and install only software you really need (fewer software installations, fewer potential vulnerabilities and conflicts, and so on) and use e.g. an image/backup tool in order to ensure that you do not have to reinstall everything manually in future. - Defragment your hard disks regularly: A fragmented hard disk can have a very big impact on system performance as well as considerably increasing the time needed to boot up the system. - Fingerprinting/Optimization: most Anti-Virus products use various technologies to decrease their impact on system performance. Fingerprinting is such a technology, where already scanned files do not get rescanned again for a while (or more rarely) or are whitelisted. This increases the speed considerably (esp. after some time the PC was used), but also adds some little potential risk, as not all files are scanned anymore. It is up to the user to decide what to prefer. We suggest performing regularly a full-system scan (to be sure that all files are at least currently found as clean and to further optimize the fingerprinting). - Be patient: a delay of a few additional seconds due to Anti-Virus is not necessarily a big deal. However, if even with the suggestions above the performance of your PC still annoys you, for instance, after you have installed the Anti-Virus you should consider trying out another Anti-Virus product. (If you only notice a slow-down after using the Anti-Virus for a long time, there are probably other factors behind the slowdown). Never reduce your security by disabling essential protection features, just in the hope of gaining a slightly faster PC! 6

Test cases File copying Some Anti-Virus products do not scan all kind of files by design/default (e.g. based on their file extensions), or use fingerprinting technologies, which may skip already scanned files in order to increase the speed (see comments on page 6). We copied a set of different file types which are widespread at home and office workstations from one physical hard disk to another physical hard disk. Archiving and unarchiving Archives are commonly used for file storage, and the impact of Anti-Virus software on the time taken to create new archives or to unarchive files from existing archives may be of interest for most users. We archived a set of different file types which are widespread at home and office workstations form one physical hard disk to another physical hard disk and unzipped them after this again on a third physical hard disk. The results already consider the fingerprinting/optimization technologies of the Anti-Virus products, as most users usually make archives of files they have on their disk. Encoding/transcoding Music files are often stored and converted on home systems, and converting such files takes system resources. Due that, many home users may be interested to know if their Anti-Virus product imposes a slowdown while converting multimedia files from one format to another. We encoded and transcoded some multimedia files with FFmpeg, and for the ipod conversion we used HandBrakeCLI. The impact during FFmpeg and ipod converting was almost the same. Installing/uninstalling applications We installed several programs (like e.g. Visual C++,.NET Framework, etc.) with MSI installers, and then uninstalled them and measured how long it took. We did not consider fingerprinting, because usually an application is only installed once. Launching applications Office document files and PDF files are very common. We opened some large document files in Microsoft Office (and closed it) and some large PDF files in Adobe Acrobat Reader (and closed it). Before each opening, the workstation was rebooted. The time taken for the viewer or editor application to open and a document to be displayed was measured. Although we list the results for the first opening and the subsequent openings, we consider the subsequent openings more important, as normally this operation is done several times by users, and optimization features of the Anti-Virus products take place, minimizing their impact on the systems. Downloading files Files are commonly downloaded from the internet. All products were very fast in this test. 7

Test results These specific test results show the impact on system performance that Anti-Virus products have, compared to the other tested Anti-Virus products. The reported data just give an indication and are not necessarily applicable in all circumstances, as too many factors can play an additional part. As we noticed that delivering percentages gets easily misinterpreted by users (as well as misused by marketing departments or the press) and percentages would need adjustments when other hardware specifications are being used, we grouped the results by clustering them. The impact within those categories does not statistically differ, also considering error measurements. The categories were defined by the testers by consulting statistical methods like hierarchal clustering and taking into consideration what would be noticed from user s perspective or compared to the impact of the other security products. 8

Overview of single AV-C performance scores Vendor Avast AVG AVIRA Bitdefender escan ESET F-Secure G DATA K7 Kaspersky McAfee Microsoft Panda PC Tools Qihoo Sophos Symantec Trend Micro Trustport Webroot File copying Archiving/ unarchiving Encoding/ transcoding Installing/ uninstalling applications Launching applications Open Word Open PDF On first run On subsequent runs On first run On subsequent runs On first run On subsequent runs Downloading files Key: slow mediocre fast very fast 9

PC Mark Tests In order to provide an industry-recognized performance test, we used the PC Mark 7 Professional Edition 4 testing suite. Users using PC Mark 7 should take care to minimize all external factors which could affect the testing suite and follow strictly at least the considerations/suggestions documented inside the PC Mark manual, in order to get consistent and valid/useful results. Furthermore, the tests should be repeated several times to verify them. For more information about the various consumer scenarios tests included in PC Mark, please read the whitepaper on their website 5. Without AV is tested on a baseline 6 system which scores 2024 in the PC Mark test. PC Mark score Points without AV 2024 K7 2020 99,8 ESET 2019 99,8 Symantec 2018 99,7 Avast 2017 99,7 F-Secure 2015 99,6 Microsoft 2014 99,5 escan 2008 99,2 Sophos 2007 99,2 AVIRA 2006 99,1 Kaspersky 2001 98,9 AVG 1996 98,6 Panda 1993 98,5 Webroot 1987 98,2 Qihoo 1985 98,1 G DATA 1984 98,0 Bitdefender 1982 97,9 McAfee 1975 97,6 TrendMicro 1972 97,4 Trustport 1972 97,4 PC Tools 1908 94,3 4 For more information, see http://www.pcmark.com/benchmarks/pcmark7/ 5 http://www.pcmark.com/wp-content/uploads/2011/05/pcmark7_whitepaper.pdf (PDF) 6 Baseline system: Intel Core i5 (2.67 GHz) machine with 4GB of RAM, ATI Radeon HD4500 (512 MB) 10

Summarized results Users should weight the various subtests according to their needs. We applied a scoring system in order to sum up the various results. For file copying we took the mean values, as well as for launching applications (on subsequent runs). Like in previous performance reports, very fast gets 15 points, fast gets 10 points, mediocre gets 5 points and slow gets zero points. This leads to the following results: AV-C Score PC Mark Score TOTAL ESET 90 99,8 189,8 K7 90 99,8 189,8 Avast 90 99,7 189,7 Symantec 90 99,7 189,7 F-Secure 90 99,6 189,6 AVIRA 90 99,1 189,1 Kaspersky 90 98,9 188,9 AVG 90 98,6 188,6 Microsoft 88 99,5 187,5 Sophos 88 99,2 187,2 Panda 88 98,5 186,5 Webroot 88 98,2 186,2 escan 78 99,2 177,2 McAfee 75 97,6 172,6 Trend Micro 75 97,4 172,4 G DATA 70 98 168,0 Bitdefender 70 97,9 167,9 Qihoo 63 98,1 161,1 Trustport 60 97,4 157,4 PC Tools 60 94,3 154,3 11

Award levels reached in this test The following award levels are for the results reached in this performance test report. Please note that the performance test only tells you how much impact an Anti-Virus product may have on a system compared to other Anti-Virus products; it does not tell you anything about the effectiveness of the protection a product provides. AWARDS PRODUCTS 7 ESET K7 Avast Symantec F-Secure AVIRA Kaspersky AVG Microsoft Sophos Panda Webroot escan McAfee Trend Micro G DATA Bitdefender Qihoo Trustport PC Tools The above awards have been given based on our assessment of the overall impact results with default settings under Windows 7 Professional SP1 64 Bit. 7 We suggest considering products with the same award to be as good as the other products with same award. 12

Copyright and Disclaimer This publication is Copyright 2011 by AV-Comparatives e.v.. Any use of the results, etc. in whole or in part, is ONLY permitted if the explicit written agreement of the management board of AV- Comparatives e.v. is given prior to any publication. AV-Comparatives e.v. and its testers cannot be held liable for any damage or loss, which might occur as a result of, or in connection with, the use of the information provided in this paper. We take every possible care to ensure the correctness of the basic data, but no representative of AV-Comparatives e.v. can he held liable for the accuracy of the test results. We do not give any guarantee of the correctness, completeness, or suitability for a specific purpose of any of the information/content provided at any given time. No one else involved in creating, producing or delivering test results shall be liable for any indirect, special or consequential damage, or loss of profits, arising out of, or related to, the use or inability to use, the services provided by the website, test documents or any related data. AV-Comparatives e.v. is a Non-Profit Organization. AV-Comparatives e.v. (December 2011) 13

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information